#!/usr/bin/env python
# -*- coding:utf8 -*-
# uncompyle6 version 2.15.1
# Python bytecode 2.7 (62211)
# Decompiled from: Python 2.7.10 (default, Jul  1 2017, 13:36:56) 
# [GCC 4.4.6 20110731 (Red Hat 4.4.6-4)]
# Embedded file name: ./paas/account/middlewares.py
# Compiled at: 2017-11-16 15:44:28
"""
Tencent is pleased to support the open source community by making 蓝鲸智云(BlueKing) available.
Copyright (C) 2017 THL A29 Limited, a Tencent company. All rights reserved.
Licensed under the MIT License (the "License"); you may not use this file except in compliance with the License.
You may obtain a copy of the License at http://opensource.org/licenses/MIT
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and limitations under the License.
"""
from django.conf import settings
from django.contrib.auth import authenticate
from django.middleware.csrf import get_token as get_csrf_token
from common.mymako import render_mako_context
from account.accounts import Account
from common.constants import RoleCodeEnum

class LoginMiddleware(object):

    def process_view(self, request, view, args, kwargs):
        full_path = request.get_full_path()
        if full_path.startswith(settings.STATIC_URL) or full_path == '/robots.txt':
            return None
        if getattr(view, 'login_exempt', False):
            return None
        user = authenticate(request=request)
        if user:
            request.user = user
            get_csrf_token(request)
            return None
        account = Account()
        return account.redirect_login(request)


class DeveloperLimitMiddleware(object):

    def process_view(self, request, view, args, kwargs):
        full_path = request.get_full_path()
        if full_path.startswith(settings.STATIC_URL) or full_path == '/robots.txt' or full_path == '/' or full_path == '/platform/':
            return None
        if getattr(view, 'login_exempt', False) or getattr(view, 'developer_limit_exempt', False):
            return None
        allow_developer_list = [str(RoleCodeEnum.SUPERUSER), str(RoleCodeEnum.DEVELOPER)]
        if request.user.role in allow_developer_list:
            return None
        return render_mako_context(request, 'developer_403.html')
